-
This is why we can’t have nice things. sudo.ws/alerts/unescape_overflow.html
-
“A serious heap-based buffer overflow has been discovered in sudo that is exploitable by any local user. […] The bug can be leveraged to elevate privileges to root, even if the user is not listed in the sudoers file. User authentication is not required to exploit the bug.”